On the SitePoint PHP blog today there's a new tutorial walking you through a new feature of PHP 5.5 that can help you create more secure password hashes easily - the Password Hashing API.

Using bcrypt is the currently accepted best practice for hashing passwords, but a large number of developers still use older and weaker algorithms like MD5 and SHA1. Some developers don't even use a salt while hashing. The new hashing API in PHP 5.5 aims to draw attention towards bcrypt while hiding its complexity. In this article I'll cover the basics of using PHP's new hashing API.

He starts by introducing the functions involved to create, verify get general information and see if the hash needs to be regenerated. For each function he provides a summary of what it does and some sample code putting it to use. If you haven't upgrade to PHP 5.5 yet and still want to use it, consider adding this library to your application. It provides the same interface, just in a "userland" implementation.